This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T21:02:27+00:00 www.secnews.physaphae.fr RiskIQ - cyber risk firms (now microsoft) 2024-11-04T12:25:16+00:00 https://community.riskiq.com/article/d6da7f0d www.secnews.physaphae.fr/article.php?IdArticle=8605948 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Prediction,Medical,Cloud,Technical APT 41,APT 28,APT 31,Guam 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-11-01T19:39:00+00:00 https://cybersecurity.att.com/blogs/labs-research/ngioweb-remains-active-7-years-later www.secnews.physaphae.fr/article.php?IdArticle=8604836 False Malware,Vulnerability,Threat,Mobile,Technical APT 28 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Like many countries across the globe, Mexico faces a cyber threat landscape made up of a complex interplay of global and local threats, with threat actors carrying out attempted intrusions into critical sectors of Mexican society. Mexico also faces threats posed by the worldwide increase in multifaceted extortion, as ransomware and data theft continue to rise. Threat actors with an array of motivations continue to seek opportunities to exploit the digital infrastructure that Mexicans rely on across all aspects of society. This joint blog brings together our collective understanding of the cyber threat landscape impacting Mexico, combining insights from Google\'s Threat Analysis Group (TAG) and Mandiant\'s frontline intelligence. By sharing our global perspective, especially during today\'s Google for Mexico event, we hope to enable greater resiliency in mitigating these threats. Cyber Espionage Operations Targeting Mexico As the 12th largest economy in the world, Mexico draws attention from cyber espionage actors from multiple nations, with targeting patterns mirroring broader priorities and focus areas that we see elsewhere. Since 2020, cyber espionage groups from more than 10 countries have targeted users in Mexico; however, more than 77% of government-backed phishing activity is concentrated among groups from the People\'s Republic of China (PRC), North Korea, and Russia. Figure 1: Government-backed phishing activity targeting Mexico, January 2020 – August 2024 The examples here highlight recent and historical examples where cyber espionage actors have targeted users and organizations in Mexico. It should be noted that these campaigns describe targeting and do not indicate successful compromise or exploitation. PRC Cyber Espionage Activity Targeting Mexico Since 2020, we have observed activity from seven cyber espionage groups with links to the PRC targeting users in Mexico, accounting for a third of government-backed phishing activity in the country. This volume of PRC cyber espionage is similar to activity in other regions where Chinese government investment has been focused, such as countries within China\'s Belt and Road Initiative. In addition to activity targeting Gmail users, PRC-backed groups have targeted Mexican government agencies, higher ]]> 2024-09-10T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-targeting-mexico/ www.secnews.physaphae.fr/article.php?IdArticle=8574054 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud,Commercial APT 28 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-12T10:35:06+00:00 https://community.riskiq.com/article/e60227f4 www.secnews.physaphae.fr/article.php?IdArticle=8556324 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Mobile,Industrial,Cloud APT 28 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-29T10:58:35+00:00 https://community.riskiq.com/article/72f3426d www.secnews.physaphae.fr/article.php?IdArticle=8546560 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Industrial,Medical APT 28,APT 36 2.0000000000000000 Mandiant - Blog Sécu de Mandiant   Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted intrusions into critical sectors of Brazilian society. Brazil also faces threats posed by the worldwide increase in multifaceted extortion, as ransomware and data theft continue to rise. At the same time, the threat landscape in Brazil is shaped by a domestic cybercriminal market, where threat actors coordinate to carry out account takeovers, conduct carding and fraud, deploy banking malware and facilitate other cyber threats targeting Brazilians. The rise of the Global South, with Brazil at the forefront, marks a significant shift in the geopolitical landscape; one that extends into the cyber realm. As Brazil\'s influence grows, so does its digital footprint, making it an increasingly attractive target for cyber threats originating from both global and domestic actors. This blog post brings together Google\'s collective understanding of the Brazilian threat landscape, combining insights from Google\'s Threat Analysis Group (TAG) and Mandiant\'s frontline intelligence. As Brazil\'s economic and geopolitical role in global affairs continues to rise, threat actors from an array of motivations will further seek opportunities to exploit the digital infrastructure that Brazilians rely upon across all aspects of society. By sharing our global perspective, we hope to enable greater resiliency in mitigating these threats. Google uses the results of our research to improve the safety and security of our products, making them secure by default. Chrome OS has built-in and proactive security to protect from ransomware, and there have been no reported ransomware attacks ever on any business, education, or consumer Chrome OS device. Google security teams continuously monitor for new threat activity, and all identified websites and domains are added to Safe Browsing to protect users from further exploitation. We deploy and constantly update Android detections to protect users\' devices and prevent malicious actors from publishing malware to the Google Play Store. We send targeted Gmail and Workspace users government-backed attacker alerts, notifying them of the activity and encouraging potential targets to enable Enhanced Safe Browsing for Chrome and ensure that all devices are updated.   Cyber Espionage Operations Targeting Brazil Brazil\'s status as a globally influential power and the largest economy in South America have drawn attention from c]]> 2024-06-12T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-targeting-brazil/ www.secnews.physaphae.fr/article.php?IdArticle=8516847 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud,Technical APT 28 2.0000000000000000